[olug] Minimalist network security
Jaymz Ringler
jringler at sperrytv.com
Fri Sep 12 14:07:17 UTC 2003
If your switches have a monitor or span port (I didn't pay attention
that closely when I was out there), put a snort box on that port.
That will tell you what is flying around on the wire..
To limit access from the SCC side, I'd use IPSec filters and filter out
the SCC computer IP Addresses. You'd have to use MAC Address
Reservations with DHCP so your research computers would all get the same
IP's. or just make them use static and leave the visitors and SCC pc's
on DHCP.
Another solution, host based Intrusion Detection. install SNORT with
IDS center on all of the machines you want to monitor. it's not that
difficult to install, and I'd be willing to help you out if needed..
More information about the OLUG
mailing list